CVE-2026-22387

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Aviana aviana allows PHP Local File Inclusion.This issue affects Aviana: from n/a through = 2.1...

CVE-2026-22410 WordPress Dolcino theme <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dolcino dolcino allows PHP Local File Inclusion.This issue affects Dolcino: from n/a through = 1.6...

PT-2025-23919

Name of the Vulnerable Software and Affected Versions File::Find::Rule versions through 0.34 Description The issue allows for Arbitrary Code Execution when the grep function encounters a crafted filename. This is due to a file handle being opened with the 2 argument form of open, allowing an...

SUSE-SU-2018:1814-1 Security update for gpg2

This update for gpg2 fixes the following security issue: - CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'...

EUVD-2016-5073

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the pharanalyzepath function in ext/phar/phar.c...